ServiceNow User Request Integration

Integrate Privilege Management with ServiceNow to manage user requests. In a typical Privilege Management scenario, the end user tries to launch an application that requires elevated privileges or falls outside of existing policy rules. With this integration, the user sends a request to run the application from PM Cloud to their existing ServiceNow instance as a ticket.

End user message example for a ServiceNow integration with PMC.

The screen capture shown here is an example of how the messages appear for the end user in a ServiceNow integration. Similar to other application rules in Privilege Management, the user can select from a list of reasons for the request, or use free form text.

 

Configuration includes:

  • Register Privilege Management as an OAuth client in ServiceNow.
  • Create a user account in ServiceNow.
  • Configure the connection details to PMC in ServiceNow.
  • Activate and create a connection to ServiceNow in PMC.
  • Create an application rule in the Policy Editor and apply messages to the rule that are specific to ServiceNow authorization.

Create an OAuth Client for PMC

PMC must be added as an OAuth client in ServiceNow.

  1. In ServiceNow, go to Application Registry.

Application Registries - BeyondTrust PM Oauth Application Registry

  1. Configure the settings as shown. The Client ID which is automatically generated is required when setting up the connection in PMC.

 

Create a User Account in ServiceNow

Add a user account in ServiceNOw for PMC integration.

  1. Go to User Administration > Users.
  2. Enter the user account information. The user account is required as part of the configuration in PMC.

 

Configure the Connection to PMC in ServiceNow

Configure PMC in ServiceNow

  1. Go to Configuration.
  2. Select Yes to turn on the integration to PMC.
  3. Configure the settings as shown.

 

Configure the ServiceNow Integration in PMC

ServiceNow configuration in PMC

  1. Go to Configuration > Authorization Request Settings.
  2. Select Enable Authorization Request Integration to activate the integration.
  3. Configure the following:
    • Host name: The host name provided on the Configuration page in ServiceNow.
    • User name, Password: Enter the user account information you created in ServiceNow.
    • Client ID: The ID generated in ServiceNow available on the Configuration page.
    • Client Secret: The secret created on the Configuration page in ServiceNow.
    • Task Type: Select a type from the list: Incident or Change Request.
  1. Click Validate Settings to confirm the connection.